Unable to get HAproxy to work with Nextcloud

[tomclewes]

Before proceeding, I would like to point out that if I do not use HAproxy and simply NAT port 443 to my Nextcloud server, I get the Nextcloud splash page as expected which confirms my Nextcloud server is up and reachable.

For sake of troubleshooting, I have disabled HA and I am currently using a standalone firewall with the following details:

OPNsense 20.1.6-amd64
WAN IP = 192.168.10.1 (Sat behind ISP router with port 80 / 443 forwarded to WAN IP of OPnsense firewall).

Steps to setup:
1. Ensure no firewall rules exist for port 443 on WAN interface
2. Install HAproxy plugin
3. Add 'Real Server' with the IP of Nextcloud server (192.168.66.1)
4. Create back-end pool and include the above Nextcloud server
5. Create front-end and listen on 192.168.10.1:443
6. Set Default Backend Pool to one created in step 4
7. Click apply and test syntax
8. Confirm no syntax issues are present
9. Enable HAproxy
10. Setup rule on WAN interface with following settings:
Source = Any
Port = *
Destination = WAN interface (192.168.10.1)
Port = 443 (HTTPS)

Unfortunately the above does not work and the logs simply say backend started. I have referred to the documentation but still not getting anywhere. Either the documentation is wrong or I am missing something blatently obvious.

[Taomyn]

The way I was told to use HAProxy was to have it listen on 127.0.0.1 with it's own ports not 80 or 443, e.g. use 3456 and 3457, this stops it getting interfered with by any other local services on the firewall - I have Nextcloud working fine through HAproxy so I know this works. I then have a NAT set to forward WAN 80/443 to 127.0.0.1 3456/3457.



After that it should then proxy correctly to your internal Nextcloud server, I would also recommend enabling "X-Forwarded-For header" for the public server setting so that the original IP is sent to the internal server as well.